package com.itheima.demo.security;


import com.itheima.demo.custom.CustomUserDetailsService;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;


@Configuration
@EnableWebSecurity //启用web权限
@EnableGlobalMethodSecurity(prePostEnabled = true) //启用方法验证
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	/**定义认证用户信息获取来源，密码校验规则等*/
	@Override
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.userDetailsService(new CustomUserDetailsService());
	}
	
	/**定义安全策略*/
	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.csrf().disable().authorizeRequests()//配置安全策略
			//.antMatchers("/","/hello").permitAll()//定义/请求不需要验证
			.anyRequest().authenticated()//其余的所有请求都需要验证
			.and()
		.logout()
			.permitAll()//定义logout不需要验证
			.and()
		.formLogin();//使用form表单登录*/

		/*http.csrf().disable()
				.formLogin()
				.loginPage("/login.jsp").loginProcessingUrl("/login").and()
				.logout().logoutUrl("/logout").logoutSuccessUrl("/login.jsp").permitAll()//定义/请求不需要验证
				.and()
				.authorizeRequests()
				.anyRequest().authenticated();*/
	}



}
